Are BAS and SCADA Systems Doomed? Is Blue Pillar’s Digital Energy Network Next?

The article “The Move Beyond Building Automation Systems to a More Secure Energy Infrastructure” by Brad Witter, EVP of Technology and Operations at Blue Pillar, Inc., was brought to light compliments of Lynxspring’s Marc Petock, VP Marketing. The implications of this article may cause some discomfort, especially, if you believe your are on or near the top of rung of the BAS technology ladder. Large infrastructures (hospitals, universities, industrial parks, malls, and supermarkets and the like) are shifting their big gears to reduce their security and service disruption vulnerabilities, shifting towards a digital energy network that may leave the customized and inflexible software providers, featuring their “individual-dependent” options — well outside the emerging solutions zone.

Article Excerpts:

Frost and Sullivan’s findings show that developing a better and more energy efficient infrastructure runs parallel with the challenge of getting the most out of your existing aging energy infrastructure. Maximizing the value of both the new and the old is the name of the game. Companies need to balance cost effectiveness and risk, which is why BAS and SCADA applications are on the losing side of the coin, but still considered because they have been around for more than a decade and integrate with legacy assets. However, as cyber threats and their associated risks grow, the heads of engineering, operations and facilities management are weighing in. The cost of a security breach or service disruption is ruling out the use of BAS or SCADA for automating energy infrastructures, which is putting vendors of such systems in a frenzy to find a plausible solution. The ISA Security Compliance Institute (ISCI) is emerging to formalize SCADA security testing, but it will inevitably take time before any protocol standards will be accepted as safe and secure.

“A great majority of SCADA vendors have started to address the risks of cyber threats by developing lines of specialized industrial firewall and VPN solutions for TCP/IP-based SCADA networks,” said Frost & Sullivan research analyst Katarzyna Owczarczyk in a recent statement. Across the spectrum of automation and control systems, statistics show that both BAS and SCADA systems have been found to be more vulnerable to cyber-attacks. This is re-affirmed by a number of high-profile attacks recently.

Most of the protocols communicating with both BAS and SCADA have their origins in serial communications and provide absolutely no security, and contrary to some of the “sales” jargon out there, are simply not foolproof and put end-users in a vulnerable, risky position. Whether the communications are Modbus, TCP/IP or OPC, the unfortunate truth is that these protocols actually increase the potential vulnerabilities within their facilities. Energy asset management systems, unlike BAS systems, have been developed to manage the growing complexity of distributed energy resources (DER).

Click here for complete article.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest

2 Responses

  1. Thought provoking. And it has been my contention that such things as these enterprise-level initiatives and device-to-enterprise communications will diminish the role of BAS and BAS middleware, in particular.

    But there were also some weak points to the author’s argument. First, in exploring the company a bit it is easy to see that they have the industrial automation experience on their team. I see no evidence of similar building automation experience. Second, while the cyber security argument is valid, and while it is a source of concern for building owners and portfolio managers, this audience is far more receptive to a message of energy savings and availability of data. And that;s where BAS shines.

    Yes, we need a kick in the pants in our BAS community. But I wouldn’t count us out of the ring quite yet. 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

BE IN THE KNOW

Join 7,592 other subscribers